Closed kenjones-cisco closed 8 years ago
:+1: @kenjones-cisco absolutely. I added you as a collaborator, and I really want to spend more time on this project in the next few months. Thanks for helping out!
Great! Just about done with it. Got one test case that is fighting me ;-)
I created a branch (https://github.com/chiefy/vaulted/tree/feature/consul) that includes all the work so far.
The one aspect that is not working as expected is the use of /consul/creds/ as it indicates that no role exists even though I can validate that the role does exist using /consul/roles/. I'm pretty sure the root cause is related to missing a step in the expected flow within Vault.
As you will notice, I added a Vagrantfile for setting up a common environment. The authstore/ directory provides a containerized setup for running vault and consul together.
As indicated in the commit message, I made a change to init and included an internal
that will make it possible to back up and recover the internal state currently only available within instance variables.
Take a look and let me know what you think.
Thanks @kenjones-cisco, I will check it out ASAP
Possible root cause of challenges.
Making changes to the test cases, when using a Consul storage backend, to make sure it is ready has allowed a workaround to the previous issue.
Current blocking issue is dealing with being unable to generate a token from Vault when using Consul as secrets backend:
Support the APIs defined for Consul within Vault: https://www.vaultproject.io/docs/secrets/consul/index.html
Provide optional integration through package (https://www.npmjs.com/package/consul) to enable obtaining a management token for use within Vault to manage ACLs using a Consul backend.
I'm planning to create the above, and if there is interest I'll create a pull request once I have it completed, as this is a need I have for my current project. Feedback welcome.